Travis H. wrote: > I must admit, I just had a "duh" moment. > > Why the heck am I expiring encryption keys each year? Anyone who > records the email can crack it even if the key is invalid by then. > All it really does is crudely limit the quantity of data sent under > that key, which is little to none anyway.
So that you can't be legally required to produce the private key (which you destroyed, right?). Perhaps this is time to remind people of "Security Against Compelled Disclosure": http://www.apache-ssl.org/disclosure.pdf. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]